757 matches found
CVE-2023-40607 WordPress CLUEVO LMS, E-Learning Platform Plugin <= 1.10.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin = 1.10.0 versions...
CVE-2023-40607
CVE-2023-40607 is a CSRF vulnerability in the WordPress plugin CLUEVO LMS, E-Learning Platform , affecting versions ≤ 1.10.0 . The issue could enable an unauthenticated attacker to trigger actions on behalf of a user; remediation is to upgrade to version 1.11.0 or newer . Public sources show vary...
WordPress Plugin CLUEVO LMS, E-Learning Platform Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Chamilo unauthenticated command injection in PowerPoint upload
Chamilo is an e-learning platform, also called Learning Management Systems LMS. This module exploits an unauthenticated remote command execution vulnerability that affects Chamilo versions 1.11.18 and below CVE-2023-34960. Due to a functionality called Chamilo Rapid to easily convert PowerPoint...
Moodle 安全漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from the presence of an SQL injection vulnerability...
Moodle 安全漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from the presence of a redirection vulnerability...
WordPress CLUEVO LMS, E-Learning Platform Plugin <= 1.10.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software CLUEVO LMS, E-Learning Platform Type Plugin Vulnerable versions = 1.10.0 Fixed in 1.11.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40607 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 43e0be6be22c Credits...
CVE-2023-3563
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was...
CVE-2023-3563
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was...
Cross site scripting
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was...
GZ Scripts GZ E Learning Platform 跨站脚本漏洞
GZ Scripts GZ E Learning Platform is a php e-learning platform from GZ Scripts. A cross-site scripting vulnerability exists in GZ Scripts GZ E Learning Platform that stems from an unknown issue...
CVE-2023-3563 GZ Scripts GZ E Learning Platform URL Parameter cross site scripting
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was...
CVE-2023-3563 GZ Scripts GZ E Learning Platform URL Parameter cross site scripting
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was...
CVE-2023-3563
The CVE-2023-3563 entry concerns GZ Scripts’ GZ E Learning Platform 1.8. The vulnerability affects the URL Parameter Handler component, caused by insecure/unknown processing that enables cross-site scripting (XSS) and can be exploited remotely. The available sources do not specify a fixed version...
PT-2023-25233 · Gz Scripts · Gz E Learning Platform
Name of the Vulnerable Software and Affected Versions: GZ Scripts GZ E Learning Platform version 1.8 Description: A problem was found in the processing of the component URL Parameter Handler, which can lead to cross site scripting. The issue can be exploited remotely. Recommendations: For GZ...
GZ E Learning Platform 1.8 Cross Site Scripting
┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...
Moodle cross-site scripting vulnerability (CNVD-2023-43862)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in Moodle version 3.10.1 that stems from improper input cleanup and is susceptible to...
Moodle Uncontrolled Resource Consumption Vulnerability
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. An uncontrolled resource consumption vulnerability exists in the Moodle URL parsing process, which can be exploited by an attacker to...
e-learning.mahkamahagung.go.id Cross Site Scripting vulnerability OBB-3075636
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
e-learning-cco.unoesc.edu.br Cross Site Scripting vulnerability OBB-3075623
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...